sigchk

sign and check files using ed25519
git clone git://z3bra.org/sick

commit 86dc08daba5ed8bc3415fd7f18b5617fd1f6a2ab
parent 09c6666cc383a937651327a9a9e52bc0de7dbc92
Author: z3bra <willyatmailoodotorg>
Date:   Wed Apr 27 13:08:32 2016

Use a keyring instead of passing the keys directly

Upon checking a signature file, all the public keys within the KEYRING
directory will be used.
If any of them verifies the signature successfully, the check is considered
successful.

Otherwise, -1 is returned.

Diffstat:
 sick.c | 40 +++++++++++++++++++++++++++++++++++++---
 1 file changed, 37 insertions(+), 3 deletions(-)

diff --git a/sick.c b/sick.c
@@ -1,3 +1,4 @@
+#include <dirent.h>
 #include <limits.h>
 #include <fcntl.h>
 #include <stdio.h>
@@ -13,7 +14,9 @@
 #define PUBSIZ 32
 #define PRIVSIZ ((PUBSIZ) * 2)
 #define SIGSIZ 64
+
 #define DEFAULT_ALIAS "ed25519"
+#define KEYRING "./keyring"
 enum {
 ACTION_INVALID = -1,
@@ -29,7 +32,8 @@ void usage(char *name);
 char *base_name(char *path);
 int genkey(char *alias);
 int sign(char *file, char *key);
-int check(char *file, char *key);
+int verify(char *file, char *key);
+int check(char *file);
 void
 usage(char *name)
@@ -155,7 +159,7 @@ sign(char *file, char *key)
 }
 int
-check(char *file, char *key)
+verify(char *file, char *key)
 {
 int fd = 0, check = 0;
 size_t len = 0;
@@ -203,6 +207,36 @@ check(char *file, char *key)
 }
 int
+check(char *file)
+{
+ int fd = 0;
+ DIR *dirp = NULL;
+ struct dirent *dt = NULL;
+ char path[PATH_MAX];
+
+ dirp = opendir(KEYRING);
+ if (dirp == NULL) {
+ perror(KEYRING);
+ return -1;
+ }
+
+ while ((dt = readdir(dirp)) != NULL) {
+ if (dt->d_type == DT_REG) {
+ memset(path, 0, PATH_MAX);
+ memcpy(path, KEYRING"/", strlen(KEYRING) + 1);
+ memcpy(path+strlen(KEYRING) + 1, dt->d_name, dt->d_reclen);
+ if (verify(file, path) == 0) {
+ closedir(dirp);
+ return 0;
+ }
+ }
+ }
+
+ closedir(dirp);
+ return -1;
+}
+
+int
 main(int argc, char **argv)
 {
 int action = ACTION_DEFAULT;
@@ -229,7 +263,7 @@ main(int argc, char **argv)
 switch(action) {
 case ACTION_CHECK:
- if (check(*argv, key ? key : DEFAULT_ALIAS ".pub") == 0) {
+ if (check(*argv) == 0) {
 puts(*argv);
 }
 break;
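Review bot: `KEYRING` is defined as the relative path `./keyring` in the `@@ -13,7 +14,9 @@` hunk, so the set of trusted public keys is resolved against whatever the current working directory is when the check runs. If the tool is run from a directory whose contents are not trusted (for example an unpacked download that carries its own `keyring/`), that directory supplies the keys the signature is checked against. Consider an absolute or per-user location, or at minimum document the constraint on the define, e.g. `/* trust anchor: resolved relative to the cwd; run checks only from a trusted directory */`.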
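Review bot: In the new `check()` (hunk `@@ -203,6 +207,36 @@`), the second `memcpy` copies `dt->d_reclen` bytes out of `dt->d_name`, but `d_reclen` is the size of the whole directory record, not the length of the name. The copy therefore reads past the end of the name, and its size is never compared with the space left in `path`. Build the path with a bounded, checked call instead, `if (snprintf(path, sizeof(path), "%s/%s", KEYRING, dt->d_name) >= (int)sizeof(path)) continue;`, which also makes the `memset` unnecessary. Separately, `d_type` can be `DT_UNKNOWN` on filesystems that do not fill it in, in which case every key is skipped and the check fails without a message. The local `fd` is unused.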
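Review bot: In the `@@ -229,7 +263,7 @@` hunk, `check(*argv)` no longer receives `key`, so a key given on the command line is silently ignored for the check action and any key in the keyring is accepted instead. If `key` can still be set by the option parsing (which is outside this hunk), either keep the pinned path, `if ((key ? verify(*argv, key) : check(*argv)) == 0) {`, or reject the option for this action so the caller is not misled about which key was trusted. The body of `main` starts and ends outside the hunk.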